<?php
/**
 * @ Fmash Top System
 * @ version: 3.0
 * @ author: i.coffee.smile@mail.com
 * @ date:2011-1-27
 * @ file:login.php $12
 */
 
include_once 'class_mysql_uc.php';
include_once 'function.php';

if(isset($_COOKIE['UID']) && isset($_COOKIE['Uname']) && $_COOKIE['FMASH'] =='jsuHappynow')
{
	header('location:index.php');
}
if(isset($_GET['from']))
{
	$message ='你需要登录之后才能进行当前动作。';
}

if(isset($_POST['username'])&&isset($_POST['password'])){
	$username = incheck($_POST['username']);
	$sql_salt = "SELECT `salt`,`password`,`uid`,`username` FROM `".$pre."ucenter_members` WHERE `username` = '".$username."'";
	$result = mysql_query($sql_salt);
	$row = mysql_fetch_row($result);
	$salt = $row[0];
	$password = md5(md5($_POST['password']).$salt);
	if($password == $row[1])
	{
		$message = '';
		setcookie('UID',$row[2],time()+31536000);
		setcookie('Uname',$username,time()+31536000);
		setcookie('FMASH','jsuHappynow',time()+31536000);
		$admin_sql = "SELECT * FROM `".$pre."ucenter_admins` WHERE `uid` = $row[2];";
		$admin_result = mysql_query($admin_sql);
		$admin_row = mysql_fetch_row($admin_result);
		if($admin_row[0] != '')
		{
			setcookie('DOS','Lua@Fmash',time()+31536000);
		}
		//--connect database
		$conn2 = mysql_connect ($mysql_server_name, $mysql_username , $mysql_password);
		
		//--chose database
		mysql_select_db($mysql_database,$conn2);
		
		//--set names
		mysql_query('set names utf8');
		$ss = "SELECT * FROM `$top_member` WHERE `uid` = '$row[2]';";
		$r = mysql_query($ss);
		$time = time();
		$rr = mysql_fetch_row($r);
		if($rr[0] == '')
		{
			$ii = "INSERT INTO `$top_member` (`uid`,`name`,`lastdate`) VALUES ('$row[2]','$row[3]','$time')";
			mysql_query($ii);
		}else{
			$update_member = "UPDATE `$top_member` SET `lastdate` = '$time' WHERE `uid` = $row[2]";
			mysql_query($update_member);
		}
		//where are you come from ,then i s u to your come
		if(isset($_GET['from']) && $_GET['from']!='')//后面的$_GET['from']!=''非常重要
		{
			$url = de_url($_GET['from']);
			header("location:$url");
		}else{
			header('location:index.php');
		}
	}else{
		$message = "密码错误，或者没有该用户！";
	}
}

?>
<!DOCTYPE html PUBLIC"-//W3C//DTD XHTML 1.0 Transitional//EN""http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="zh-CN" lang="zh-CN">

  <head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <title>登录 - 收录吉首大学最漂亮的女生</title>
    <link href="style/love.css" media="screen" rel="stylesheet" type="text/css" />
  </head>

  <body>
<?php include_once("header.template");?>
        <div id="wrapper">
            <div id="wrapper-inner">
                <div id="sidebar">
                </div>
                <div id="canvas">
                    <div id="content">
                    <?php
					echo $message;
					?>
                        <div class="form">
                            <form action="" class="new_user" id="new_user" method="post">
                                <table>
                                    <tr>
                                        <td>
                                            <strong>
                                                用户名:
                                            </strong>
                                        </td>
                                        <td>
                                            <input id="user_email" name="username" size="30" type="text" value=""/>
                                        </td>
                                    </tr>
                                    <tr>
                                        <td>
                                            <strong>
                                                密码:
                                            </strong>
                                        </td>
                                        <td>
                                            <input id="user_password" name="password" size="30" type="password"/>
                                        </td>
                                    </tr>
                                    <tr>
                                        <td>
                                        </td>
                                        <td>
                                            <input class="submit" id="user_submit" name="commit" type="submit" value="登录！"/>
                                            <a href="http://www.fmash.com/member.php?mod=logging&action=login&viewlostpw">
                                                忘记密码？
                                            </a>
                                        </td>
                                    </tr>
                                </table>
                            </form>
                        </div>
                    </div>
                </div>
                <div class="clear">
                </div>
            </div>
        </div>
<?php include_once("footer.template");?></body>
</html>